Author: jmm
Date: 2013-10-10 08:13:54 +0000 (Thu, 10 Oct 2013)
New Revision: 23937
Modified:
data/CVE/list
Log:
update qemu/xen issue and explain situation
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-10-10 07:47:14 UTC (rev 23936)
+++ data/CVE/list 2013-10-10 08:13:54 UTC (rev 23937)
@@ -3694,10 +3694,13 @@
- linux <unfixed>
CVE-2013-4344 [buffer overflow in scsi_target_emulate_report_luns]
RESERVED
- - xen <unfixed>
+ - xen 4.2-1
- qemu <unfixed> (bug #725944)
- qemu-kvm <removed>
- TODO: check, details needed
+ - xen-qemu-dm-4.0 <removed>
+ NOTE: Xen in Squeeze uses a separate source package: xen-qemu-dm-4.0
+ NOTE: Xen in Wheezy includes qemu
+ NOTE: Xen after Wheezy uses qemu-system-x86 from qemu, marking 4.2 as
pseudo fixed
CVE-2013-4343 (Use-after-free vulnerability in drivers/net/tun.c in the Linux
kernel ...)
- linux <unfixed>
[wheezy] - linux <not-affected> (Introduced in 3.8)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
